<?php

function QueryHttpVirus()
{
	$handle = @fopen("http.txt", "r");
	$list = array();
	$ret_list = array();
	if (!$handle) 
	{
		return ;
	}
	while (!feof($handle)) 
	{
   		$list[] = fgets($handle, 1024);
   	}
      	fclose($handle);

	$i = 0;
	$k = 0;
	foreach($list as $l)
	{
		$str_list = explode(" ", $l);
		for ($k = 0; $k < count($str_list); $k ++)
		{
			if ($str_list[$k] == 200)
			{
				$ret_list[$i]['Src'] = $str_list[ $k - 2];
				$ret_list[$i]['Dsc'] = $str_list[ $k + 1];
				$ret_list[$i]['Name'] = $str_list[ $k + 5];
				$i ++;
			}
		}
	}
	
	/*foreach ($ret_list as $r)
	{
		echo $r['Src']."\n". $r['Dsc']. "\n". $r["Name"]. "\n";
	}*/
	return $ret_list;
}

function QueryRunLog()
{
	$handle = @fopen("/ldisk/system/boot.log", "r");
	$list = array();
	$ret_list = array();
	if (!$handle) 
	{
		return ;
	}
	while (!feof($handle)) 
	{
   		$list[] = fgets($handle, 1024);
   	}
      	fclose($handle);
	$i = 0;
	$k = 0;
	foreach($list as $l)
	{
		$str_list = explode(" ", $l);
		
		$ret_list[$i]['Act'] = $str_list[0];
		$ret_list[$i]['Time'] = $str_list[1]. " ". $str_list[2]. " ". $str_list[3]. " ".
					$str_list[4]. " ". $str_list[5]. " ". $str_list[6];
			$i ++;
	}
	return $ret_list;
	
}
function QueryMailVirus()
{
	$handle = @fopen("smtp.txt", "r");
	$list = array();
	$ret_list = array();
	$str_list = array();
	if (!$handle) 
	{
		return ;
	}
	while (!feof($handle)) 
	{
   		$list[] = fgets($handle, 1024);
   	}
      	fclose($handle);

	$i = 0;
	$k = 0;
	$n = 0;
	$j = 0;
	foreach($list as $l)
	{
		if ($l == NULL)
			continue;
		$str_list = explode(" ", $l);
		//$j = 0;
		for ($k = 0; $k < count($str_list); $k ++)
		{
			//print $k. "=". $str_list[$k]. "\n<br>";
			//if ($str_list[$k] == "user:")
			{
				if ($str_list[14] == NULL)
					continue;
				$i ++;
				$ret_list[$i]['DscMail'] = $str_list[14];
				$ret_list[$i]['SrcMail'] = $str_list[12];
				//$n ++;
			}
			//if ($str_list[$k] == "from" && !$j )
			{
				$ret_list[$i]['Src'] = $str_list[8];
				$ret_list[$i]['Dsc'] = $str_list[10];
				//$n ++;
				//$j ++;
			}
			//if ($str_list[$k] == "virus:")
			{
				$ret_list[$i]['Name'] = $str_list[18];
				//$n ++;
			}
			//if ($n == 3)
		}
	}
	
	/*foreach ($ret_list as $r)
	{
		echo $r['Src']."\n". $r['Dsc']. "\n". $r["Name"]. "\n". $r['SrcMail']. "\n". $r['DscMail']."\n";
	}*/
	return $ret_list;
}
function QueryMailPop3Virus()
{

	$handle = @fopen("pop3.txt", "r");
	$list = array();
	$ret_list = array();
	if (!$handle) 
	{
		return ;
	}
	while (!feof($handle)) 
	{
   		$list[] = fgets($handle, 1024);
   	}
      	fclose($handle);

	$i = 0;
	$k = 0;
	$n = 0;
	$j = 0;
	foreach($list as $l)
	{
		if ($l == NULL)
			continue;
		$str_list = explode(" ", $l);
		//$j = 0;
		for ($k = 0; $k < count($str_list); $k ++)
		{
			//print $k. "=". $str_list[$k]. "\n<br>";
			//if ($str_list[$k] == "user:")
			{
				if ($str_list[14] == NULL)
					continue;
				$i ++;
				$ret_list[$i]['DscMail'] = $str_list[14];
				$ret_list[$i]['SrcMail'] = $str_list[12];
				//$n ++;
			}
			//if ($str_list[$k] == "from" && !$j )
			{
				$ret_list[$i]['Src'] = $str_list[8];
				$ret_list[$i]['Dsc'] = $str_list[10];
				//$n ++;
				//$j ++;
			}
			//if ($str_list[$k] == "virus:")
			{
				$ret_list[$i]['Name'] = $str_list[18];
				//$n ++;
			}
			//if ($n == 3)
		}
	}
	
	/*foreach ($ret_list as $r)
	{
		echo $r['Src']."\n". $r['Dsc']. "\n". $r["Name"]. "\n". $r['SrcMail']. "\n". $r['DscMail']."\n";
	}*/
	return $ret_list;
}
function QueryFtpVirus()
{

	$handle = @fopen("ftp.txt", "r");
	$list = array();
	$ret_list = array();
	if (!$handle) 
	{
		return ;
	}
	while (!feof($handle)) 
	{
   		$list[] = fgets($handle, 1024);
   	}
      	fclose($handle);

	$i = 0;
	$k = 0;
	foreach($list as $l)
	{
		$str_list = explode(" ", $l);
		$j = 0;
		for ($k = 0; $k < count($str_list); $k ++)
		{
			//print $k. "=". $str_list[$k]. "\n";
			if ($str_list[$k] == "DOWNLOADED" )
			{
				$ret_list[$i]['Src'] = $str_list[ $k - 1];
				$ret_list[$i]['Dsc'] = $str_list[ $k + 1];
			}
			$i ++;
		}
	}
	
	/*foreach ($ret_list as $r)
	{
		echo $r['Src']."\n". $r['Dsc']. "\n". $r["Name"]. "\n". $r['SrcMail']. "\n". $r['DscMail']."\n";
	}*/
	return $ret_list;
}


function GetVirusTopTne()
{
	$list = GetTopTen('Name');
	return $list;
}


function GetUserTopTne()
{
	$list = GetTopTen('Src');
	return $list;
}

function GetDscTopTne()
{
	$list = GetTopTen('Dsc');
	return $list;
}

function GetTopTen($key)
{
	$list = array();
	$ret = array();
	$t_list = QueryHttpVirus();

	foreach ($t_list as $t)
	{
		$list[] = $t[$key];
	}
	$t_list = QueryFtpVirus();
	foreach($t_list as $t)
	{
		$list[] = $t[$key];
	}
	$t_list = QueryMailVirus();
	foreach($t_list as $t)
	{
		$list[] = $t[$key];
	}
	$t_list = QueryMailPop3Virus();
	foreach($t_list as $t)
	{
		$list[] = $t[$key];
	}
	$a = array_unique ($list);
	
	
	foreach ($a as $key)
	{	
		$i = 0;
		foreach ($list as $l)
		{
			if ($l == $key)
			{
				$i ++;
			}
		}
		$ret[$key] = $i;
	}
	asort($ret);

	return $ret;
}

?>
